Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training,
learning paths, books, tutorials, and more.

Incident Response and Investigations

Abstract

When an attack begins, eventually an alert fires and kicks off investigative and responsive activities. Then incident response (IR) moves through several different phases intended to act against an attack on an organization. The order of operations associated with IR, from identification of the problem to ongoing resolution, can be defined like many other 12-step programs designed to guide behaviors, control compulsions, and otherwise recover from destructive circumstances. The 12 steps are detailed in this chapter.